Light bulb goes on above head -- check out LIDS (lids.org)...
working normally. However, if you just want to protect the one file, you should be able to set it up so that nothing can modify the directory it resides in, and explicitly allow /usr/bin/netscape (or whatever) full access to the directory. That way, users will not be able to delete the file from a shell, but Netscape can continue to do its thing normally.
Note that LIDS permissions work by inode number, so if you do the "obvious thing" and protect the FILE you want to protect, the first time it gets recreated (which your mail client may well decide to do) you'll lose your protection and be left scratching your head.
So you really do want to do it per directory.
Just a minor caveat, really...
-Nate
